RU2347266C2 - Method and device for reception and removal of information concerning objects of digital rights - Google Patents

Abstract

FIELD: physics; computer facilities.

SUBSTANCE: given invention concerns the method and the device for reception and removal of the information concerning objects of the digital rights. The specified effect is reached because the method and the device for reception and removal of the information concerning objects of the digital rights includes reception of inquiry from the device on the information concerning object of the rights, data processing concerning object of the rights in reply to inquiry and granting to the device of the handled data. And the expedient of removal of objects of the numeral rights includes a select of the information concerning object of the rights subject to removal, encryption of the chosen information concerning object of the rights, using a blanket key of enciphering, embedding of the ciphered information concerning object of the rights in a signal for transmission on a portable device of a data storage and a signal transmission in a data storage portable device. The device requests the information from a portable device of a data storage concerning object of the rights, gains the information from a portable device of a data storage concerning object of the rights and deletes unnecessary objects of the rights.

EFFECT: maintenance of more effective protection of numeral contents of objects of the digital rights.

55 cl, 33 dwg, 1 tbl

Description

FIELD OF THE INVENTION

The methods and devices in accordance with the present invention relate to obtaining and deleting information regarding digital rights objects and, more specifically, to receiving and deleting information regarding digital rights objects, in which the device requests information about the digital rights object from a portable data storage device, receives information regarding the digital rights object from the portable data storage device, transmitted in response to the request, and controls information regarding the digital object s rights so that the digital rights management (DRM) between the device and the portable storage device is carried out safely and effectively.

BACKGROUND OF THE INVENTION

Recently, DRM has been actively researched and developed. DRM has been and will be used in commercial services. DRM is required because of the following various properties of digital content. In other words, unlike analog information, digital content can be copied without loss and can be easily reused, converted and distributed, and only a small amount of expense is needed to copy and distribute digital content. However, producing digital content requires a large amount of expense, work, and time. Thus, when digital content is copied and distributed without permission, the digital content producer may lose profits, and the producer’s enthusiasm for creation may decrease. As a result, digital content development activities may be difficult.

There have been several attempts to protect digital content. Typically, digital content protection focuses on preventing unauthorized access to digital content by allowing access to digital content only to people who have paid for it. Thus, people who pay for digital content are allowed access to unencrypted digital content, while people who have not paid are denied access. However, when the person making the payment intentionally distributes this digital content to other people, this digital content can be used by people who have not paid for it. To solve this problem, DRM was introduced. In DRM, anyone is allowed free access to encoded digital content, but a license is required to decode and execute digital content, which is the subject of rights. Thus, digital content can be protected more efficiently by using DRM.

SUMMARY OF THE INVENTION

Technical problem

Figure 1 illustrates the concept of DRM related to managing content (hereinafter referred to as encrypted content) protected using a method such as encryption or scrambling, and rights objects that allow access to encrypted content.

With reference to FIG. 1, a DRM system includes user devices 110 and 150 desiring to access DRM protected content, a content publisher 120 releasing the content, a rights publisher 130 releasing a rights object containing the right to access the content, and a certification authority 140 issuing the certificate.

In operation, user device 110 may receive the desired content from content publisher 120 in an encrypted format protected by DRM. The user device 110 may obtain a license to reproduce encrypted content from the rights object received from the rights publisher 130. After that, the user device 110 can play the encrypted content. Since the encrypted content can be freely distributed or transmitted, the user device can freely transfer the encrypted content to the user device 150. To play encrypted content to the user device 150, a rights object is required. The object of rights can be obtained from the publisher 130 rights. Meanwhile, the certification authority 140 issues a certificate indicating that the content publisher 120 is authentic and that user devices 110 and 150 are authorized. The certificate can be embedded at the manufacturing stage into devices used by user devices 110 and 150, and reissued through certification center 140 after a predetermined period.

DRM protects the income of those who produce or provide digital content and can thus help revitalize the digital content industry. Although the rights object or encrypted content can be transferred between user devices, in practice this is inconvenient. Accordingly, to facilitate the movement of rights objects and encrypted content between devices, it is desirable to efficiently transfer information between the device and the portable data storage device, which is an intermediary between devices.

Technical solution

The present invention provides a method and apparatus for acquiring digital rights object information, in which the device requests information from a portable data storage device regarding a rights object, obtains information about a rights object transmitted from a portable data storage device in response to a request, and controls information regarding a digital rights object so that DRM between the device and the portable storage device is performed safely and efficiently.

The present invention also provides a method and apparatus for deleting a digital rights object, whereby an unnecessary rights object is deleted based on the information on the rights object, thereby reducing the load of the device or portable data storage device and preventing the consumption of content by the unauthorized rights object.

According to an aspect of the present invention, there is provided a method of obtaining information regarding a digital rights object, including receiving a request from a device for information about a stored rights object, gaining access to a rights object in response to a request from the device, processing information on the rights object, and providing the device with processed information.

In another aspect of the present invention, there is provided a method of obtaining information regarding a digital rights object, including receiving from a device a request for information on all available rights objects, gaining access to all available rights objects in response to a request, processing information on all available rights objects, and providing device processed information.

In yet another aspect of the present invention, there is provided a method of obtaining information regarding a digital rights object, the method including receiving from the device a request for information on all available rights objects, gaining access to all available rights objects in response to the request, processing information on all available objects rights and providing the device with processed information.

According to an additional aspect of the present invention, there is provided a method of obtaining information regarding a digital rights object, the method including performing authentication with a portable data storage device and generating an encryption key, requesting information on all available rights objects from an authenticated portable data storage device, and receiving processed information for all accessible rights objects from said portable data storage device.

In yet another aspect of the present invention, there is provided a method of deleting a digital rights object, the method including selecting information on the rights object to delete, encrypting the selected information on the rights object using a common encryption key, embedding encrypted information on the rights object in the signal for transmission to the portable a data storage device and transmitting a signal to a portable data storage device.

In yet another aspect of the present invention, there is provided a method for deleting a digital rights object, the method including receiving encrypted information about deleting the rights object from the device, decrypting encrypted information about deleting the rights object using a common encryption key, gaining access to the rights object corresponding to the decrypted information about deleting an object of rights and deleting this object of rights.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other aspects of the present invention will become more apparent through a detailed description of exemplary embodiments of the present invention with reference to the accompanying drawings, in which:

Figure 1 shows a diagram illustrating the concept of DRM;

2 is a diagram illustrating the concept of DRM using a secure multimedia card (MMC) (secure multimedia card);

Figure 3 shows a block diagram of a device according to an exemplary embodiment of the present invention;

Figure 4 shows a block diagram of a secure MMC according to an exemplary embodiment of the present invention;

5 is a table illustrating a format of a rights object in an exemplary embodiment of the present invention;

FIG. 6 is a table illustrating the limitations given to the resolution shown in FIG. 5;

7 is a view illustrating authentication between a device and a secure MMC;

FIG. 8 is a flowchart of a protocol by which a device obtains information regarding a given rights object from a secure MMC according to an exemplary embodiment of the present invention;

In Fig.9. shows a block diagram of a protocol by which a device obtains information regarding all available rights objects from a secure MMC according to an exemplary embodiment of the present invention;

Figure 10 shows a block diagram of a protocol for removing a rights object from a secure MMC specified by a device according to an exemplary embodiment of the present invention;

In FIG. 11 to 15 are examples illustrating command formats, command parameters, and output responses that are used when the device transmits information to the secure MMC regarding content requested by the user according to the protocol shown in FIG. 8, according to an exemplary embodiment of the present invention;

In FIG. 16 through 20 show examples illustrating command formats, command parameters, and output response that are used when a device requests information about a rights object corresponding to contents from secure MMC, according to the protocol shown in FIG. 8, according to an exemplary embodiment of the present invention ; and

FIGS. 21, 22 and 23 are examples illustrating information formats regarding a rights object provided by secure MMC according to the protocol shown in FIG. 8;

In FIG. 24 to 28 show examples illustrating command formats, command parameters, and output responses that are used when the device requests information about all available rights objects using the protocol shown in FIG. 9, according to an exemplary embodiment of the present invention; and

In FIG. 29 through 33 show examples illustrating command formats, command parameters, and output responses that are used when a device requests a secure MMC to delete a separate rights object using the protocol shown in FIG. 10, according to an exemplary embodiment of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

The present invention and methods for achieving this can be more easily understood with reference to the following detailed descriptions of exemplary embodiments and the accompanying drawings. However, the present invention can be implemented in many different forms and should not be construed as limited by the exemplary embodiments set forth herein. Rather, these exemplary embodiments are provided so that this description of the invention will be exhaustive and complete and fully convey the essence of the invention to specialists in this field of technology, and the scope of the present invention is determined only by means of the attached claims. Identical numerical references refer to like elements throughout the specification.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the attached drawings.

The terms used in the description of the invention will be briefly described before presenting a detailed description. A description of the interpretation of the terms is provided for a better understanding of the description of the invention, and terms that are not described in detail here are not intended to limit the breadth of the invention.

- Public key cryptography

Public key cryptography is an asymmetric cipher in which the key used for encryption is different from the key used for decryption. The public key encryption algorithm is open to the public, but it is impossible or difficult to decrypt the original content only with a cryptographic algorithm, an encryption key, and encrypted text. Examples of public key cryptographic systems include Diffie-Hellman cryptosystems, RSA cryptosystems, ElGamal cryptosystems, and elliptic curve cryptosystems. Public key cryptography is about 100-1000 times slower than cryptography using a symmetric cryptographic key, and thus is usually used for exchanging keys and digital signatures, rather than encrypting content.

- Cryptography using a symmetric cryptographic key

Cryptography using a symmetric cryptographic key is a symmetric cipher called cryptography with a private key, using the same key for encryption and decryption. The Data Encryption Standard (DES) is the most widely accepted symmetric cipher. Recently, an increasing number of applications using Advanced Encryption Standard (AES).

- Certificate

A certification authority certifies public key users with respect to public key encryption. A certificate is a message containing a public key and information confirming the identity of a person signed by a certification authority using a secret key. Thus, the integrity of the certificate is easy to consider by applying the public key of the certification authority to the certificate, and therefore the user's public key is protected from being modified by attackers.

- Digital signature

A digital signature is created by the signatory to verify that the document has been signed.

Examples of digital signatures are the RSA digital signature, the ElGamal digital signature, the DSA digital signature, and the Schnorr digital signature. When using the RSA digital signature, the sender encrypts the message with his private key and sends the encrypted message to the recipient. The recipient decrypts the encrypted message. In this case, it confirms that the message has been encrypted by the sender.

- Random number

A random number is a sequence of numbers or characters with random properties. Since generating a completely random number is too expensive, you can use a pseudo-random number.

- Portable information storage device

The portable information storage device used in the present invention includes non-volatile memory, such as flash memory, which allows you to write, read or delete information, as well as connect it to the device. Examples of such portable storage devices are smart media cards, memory sticks, compact flash (CF), xD cards, and multimedia cards. In the future, secure MMC will be interpreted as a portable information storage device.

Figure 2 shows a diagram illustrating the concept of DRM using secure multimedia card (MMC).

User device 210 may receive encrypted content from content publisher 220. Encrypted content is DRM protected content. To play encrypted content, you need a rights object (RO) for encrypted content. The RO contains a definition of the right to content, restrictions on this right and the right to the RO itself. An example of a content right is reproduction. An example of a limitation may be the number of plays, play time, and play time. An example of an RO right is moving or copying. In other words, an RO containing the right to move can be moved to another device or secure MMC. An RO containing the right to copy can be copied to another device or secure MMC. When transferring an RO, the original RO is deactivated before the transfer (i.e., either the RO itself or the right contained in the RO is deleted). However, when copying an RO, the original RO can be used in the on state even after copying.

After receiving the encrypted content, the user device 210 may request a rights object (RO) from the rights publisher 230 to obtain a reproduction right. When the user device 210 receives the RO from the rights publisher 230 along with the RO response, then the user device can play the encrypted content using the RO. Meanwhile, the user device 210 may transmit this RO to the user device 250 having the corresponding encrypted object through a portable information storage device. Secure MMC 260, having a DRM function, can act as a portable information storage device. In this case, the user device 210 performs mutual authentication with the secure MMC 260 and then transfers the RO to the secure MMC 260. To play the encrypted content, the user device 210 requests the right to play from the secure MMC 260 and obtains the right to play, i.e. the content encryption key from secure MMC 260. The user device 210 can play the encrypted content using the content encryption key. However, after performing mutual authentication with user device 250, secure MMC 260 can transfer the RO to user device 250 or allow user device 250 to play encrypted content.

In exemplary embodiments of the present invention, authentication between the device and the secure MMC is necessary to allow the device to use this secure MMC. The authentication procedure will be described in detail with reference to FIG. 3. Here, the subscript "D" of the object indicates that the object is located on the device or produced by it, and the subscript "M" of the object indicates that this object is located on the secure MMC or produced by it.

Figure 3 shows a block diagram of a device 300 according to an exemplary embodiment of the present invention.

In an exemplary embodiment, the term “module” as used herein means a software or hardware component, such as a user programmable gate array (FPGA) or application specific integrated circuit (ASIC), that performs, but is not limited to, certain tasks. The module can be advantageously located in an addressable storage medium and configured to run on one or more processors. Thus, a module can include components, such as software components, object-oriented software components, class components and task components, processes, functions, attributes, procedures, routines, source code segments, drivers, firmware, microcode, schemas, data, databases, data structures, tables, arrays and variables. The set of functionalities provided in the components and modules can be combined into a smaller number of components and modules or additionally divided into additional components and modules. Additionally, components and modules can be implemented so that they are executed on one or more CPUs in the device or secure MMC.

To implement DRM, the device 300 needs a security function, a content storage function or an RO function, an information exchange function with another device, for example, a portable information storage device or a multimedia device, a PDA, a cell phone, a data transmit / receive function that allows you to contact a content provider or publisher of RO, and DRM features. To perform these functions, device 300 includes an encryption module 365 having an RSA module 340, an encryption key generation module 350 and an advanced encryption standard (AES) module 360 for a security function, a content / RO storage module 330 with a storage function, an MMC interface module 310 , allowing the exchange of information with secure MMC, and the agent 320 DRM, controlling each module to perform the DRM procedure. In addition, device 300 includes a transceiver module 370 for transmitting / receiving information and a screen display module 380 for displaying contents during playback. The encryption key generated by the encryption key generation module 350 includes a session key used to encrypt and decrypt during communication between the device 300 and the secure MMC, and a hash key used to generate a hash value indicating whether the information has been changed relative to RO.

The transceiver module 370 allows the device 300 to communicate with a content provider or publisher RO. The device 300 may receive the RO and encrypted content through the transceiver module 370.

MMC interface module 310 allows device 300 to connect to a secure MMC. When the device 300 is connected to the secure MMC, essentially, the MMC interface module 310 of the device 300 is electrically connected to the secure MMC interface module. However, the electrical connection is only an example, and the connection may mean a state in which the device 300 can communicate with the secure MMC via a wireless data medium without contact.

RSA module 340 performs public key encryption. In more detail, RSA module 340 performs RSA encryption in accordance with requests from agent 320 DRM. In exemplary embodiments of the present invention, during authentication, RSA encryption is used for key exchange (random number) or digital signature. However, RSA encryption is just an example, and other public key encryption methods can be used.

The encryption key generation unit 350 generates a random number for transmitting the secure MMC and generates a session key and a hash key using the generated random number and the random number received from the secure MMC. The random number generated by the encryption key generation module 350 is encrypted by the RSA module 340 and then transmitted to the secure MMC via the MMC interface module 310. Instead of generating a random number by the encryption key generation unit 350, the random number may be selected from a plurality of random numbers provided in advance.

The 360 AES module performs symmetric key encryption using the generated session key. In more detail, AES 360 uses AES encryption to encrypt the session key with the encryption key of the content from the RO and to encrypt other important information while communicating with another device. In an exemplary embodiment of the present invention, the session key is used to encrypt the RO during the movement of the RO. AES encryption is just an example, and another symmetric key encryption method, such as DES encryption, can be used.

The content / RO storage unit 330 comprises encrypted content and an RO. The device 300 encrypts the RO, according to AES encryption, using a unique key that cannot be read by another device or secure MMC, and decrypts the RO using a unique key to transfer or copy the RO to another device or secure MMC. Encryption of RO using a unique key, in accordance with encryption with a symmetric key is just an example. Alternatively, the RO can be encrypted using the secret key of the device 300, and can be decrypted, if necessary, using the public key of the device 300.

The screen display unit 380 visually displays the playback of contents whose RO permits playback. The display module 380 may be implemented as a device with a liquid crystal screen (LCD), such as an LCD on thin film transistors (TFT) or with an organic electroluminescent screen.

The DRM agent 320 checks whether the information regarding the RO received from the secure MMC has been changed. Verification can be done based on the value of the hash function generated by secure MMC. The hash value is obtained using the hash key generated by the encryption key generation module 350 and a published hash algorithm, for example, secure hash algorithm 1 (SHA1).

When requesting information regarding an RO or deleting an RO to prevent loss of a request command or inserting a falsified command between request teams by an illegal attacker, a send command counter (SSC) indicating the transmission sequence can be generated and embedded in the request command.

In this case, the DRM agent 320 creates deletion conditions, i.e. an RO identifier, or a list of RO IDs, or an element related to legal RO information for deletion. Thus, the DRM agent 320 has the function of extracting legal information from the obtained RO.

4 shows a block diagram of a secure MMC 400 according to an exemplary embodiment of the present invention.

To implement DRM, the secure MMC 400 requires a security function, a content storage or RO function, an information exchange function with another device, and a DRM function. To perform these functions, secure MMC includes an encryption module 465 having an RSA module 440, an encryption key generation module 450, an AES module 460 for a security function, a content / RO storage module 430 with a storage function, an interface module 410 that allows communication with the device and a DRM agent 420 that controls each module to perform the DRM procedure.

An interface module 410 allows the secure MMC 400 to be connected to the device. When the secure MMC 400 is connected to the device, essentially, the secure MMC 400 interface module 410 is electrically connected to the device interface module. However, the electrical connection is only an example, and the connection may mean a state in which the secure MMC 400 can communicate with the device via a wireless data medium without contact.

The RSA module 440 performs public key encryption. In more detail, the RSA module 440 performs RSA encryption in accordance with requests from the 420 DRM agent. In exemplary embodiments of the present invention, during authentication, RSA encryption is used for key exchange (random number) or digital signature. However, RSA encryption is just an example, and other public key encryption methods can be used.

The encryption key generation unit 450 generates a random number for transmission to the device and generates a session key and a hash key using the generated random number and the random number received from the device. The random number generated by the encryption key generation module 450 is encrypted by the RSA module 440 and then transmitted to the device via the MMC interface module 410. Instead of generating a random number by the encryption key generation unit 450, the random number may be selected from a plurality of random numbers provided in advance.

AES module 460 performs symmetric key encryption using the generated session key. In more detail, AES module 460 uses AES encryption to encrypt the session key with the encryption key of the content from the RO and to encrypt other important information while exchanging data with another device. According to an exemplary embodiment of the present invention, the session key is used to encrypt the RO during the movement of the RO. AES encryption is just an example, and another symmetric key encryption method, such as DES encryption, can be used.

The content / RO storage unit 430 comprises encrypted content and an RO. The Secure MMC 400 encrypts the RO according to AES encryption using a unique key that cannot be read by another device, and decrypts the RO using a unique key to transfer or copy the RO to other devices. Encryption of RO using a unique key, in accordance with encryption with a symmetric key is just an example. Alternatively, the RO can be encrypted using the secure MMC 400 secret key, and can be decrypted when necessary using the secure MMC 400 public key.

Upon receipt of a request for information regarding the RO from the device, the DRM agent 420 selectively processes the information contained in the RO and provides the processed information to the device through the interface module 410, which will be described in detail below with reference to FIG.

In addition, the DRM agent 420 retrieves the RO for deletion. In more detail, DRM agent 420 retrieves an RO according to RO deletion conditions, such as an RO ID or an ID list transmitted from a device. The extracted RO is deleted. Deleting an RO can mean physically deleting an RO or reporting that a given RO is unnecessary by changing certain RO information. In addition, the DRM agent 420 has the function of physically removing unnecessary ROs in response to a request.

5 is a table illustrating an RO format according to an exemplary embodiment of the present invention.

The RO includes a version field 500, a resource field 520, and a permission field 540.

The version field 500 contains version information of the DRM system. Resource field 520 contains information regarding content data whose consumption is controlled by the RO. The permission field 540 contains information regarding the use and actions permitted by the rights publisher regarding DRM protected content.

The information stored in the resource field 520 will be described in detail.

Information "id" indicates the identifier used to identify the RO.

The “uid” information is used to identify content whose use is subordinate to the RO and is the unified resource identifier (URI) of the content data in the DRM content format (DCF).

The Inherit information establishes a hereditary relationship between resources, the use of which is subordinate to the RO and contains information regarding the parent resource. If there is an inheritance relationship between the two resources, the child resource inherits all the rights of the parent resource.

The “Key Value” information contains the binary value of the key used to encrypt the content, called the Content Encryption Key (CEK). CEK is the key value used to decrypt encrypted content for use by the device. When a device receives a CEK from a secure MMC, it can use the contents.

The information stored in the permission field 540 will be described in detail.

The idref information has a reference value of the id information stored in the resource field 520.

“Permission” is the right to use the content authorized by the rights publisher. Permission types include Play, Show, Execution, Print, Export.

The type "Playback" is the right to play DRM content in audio / video format. Accordingly, the DRM agent does not allow access based on the Play type for content such as Java games that cannot be displayed in audio / video format.

Optionally, permission of type Play may have a restriction. If a specific restriction exists, the DRM agent grants a Play type right in accordance with the specified restriction. If certain restrictions do not exist, the DRM agent grants unlimited rights such as Play.

Display permission means the right to play DRM content on a visual device. The DRM agent does not allow Display-based access for content such as gif and jpeg images that cannot be played back by the visual device.

Permission of type Execution means the right to execute DRM content, such as Java games and other applications. Print permission means the right to make a hard copy of DRM content, such as jpeg images.

An Export permission means the right to send DRM content and corresponding ROs to a DRM system other than the DRM Open Mobile Alliance (OMA) system or content protection architecture. Resolution of type Export must have a restriction. The limitation is set by the DRM system of the content protection architecture to which DRM content and its RO can be sent. Resolution type Export is divided into move mode and copy mode. When an RO is exported from the current DRM system to another DRM system in transfer mode, the RO is deleted from the current DRM system, but in copy mode, the RO is not deleted from the current DRM system.

A Move type permission is divided into moving a secure MMC device and moving a secure MMC device. In moving device-secure MMC, the RO from the device is sent to the secure MMC, and the original RO in the device is deactivated. Similar actions are performed in moving a secure MMC device.

Copy permission is divided into copy-secure MMC device and copy secure MMC device. When copying a device-secure MMC, the RO from the device is sent to the secure MMC, but, unlike the Move type permission, the original RO in the device is not deactivated. Similar actions are performed when copying a secure MMC device.

FIG. 6 is a table illustrating the limitations given to the resolution shown in FIG. 5.

Resolution restriction information limits the consumption of digital content.

Limit 600 The account has a positive integer value and sets the number of times the content permission has been issued. The DRM agent will not allow access to DRM content more times than the number of permissions specified by the Account limit value. In addition, if the Account limit value is not positive, the DRM agent will not allow access to DRM content. In this case, the Time Count restriction includes a count subfield and a timer subfield to determine the number of permissions given to the contents during the time period defined by the timer.

Restriction 610 Date-time sets a deadline for permission and, optionally, includes start and end elements. When an initial element is determined, access is not permitted before a specific time on a specific date. When a finite element is defined, access is not allowed after a specific time on a specific date. Accordingly, if the value of the start element is greater than the value of the end element, the DRM agent will not allow access to the contents of the DRM.

In the format of the start and end elements, CC means century, YY means year, MM means month, DD means number, T means separator between date and time, and hh: mm: ss means hours: minutes: seconds, respectively.

Restriction 620 Interval establishes the validity period of rights to DRM contents and, optionally, includes start and end elements. When an initial element is determined, the consumption of DRM content is allowed after a specific time of a specific date for a period of time set by the Interval limit. When a finite element is determined, the consumption of DRM content is allowed for a period of time set by the Interval to a specific time of a specific date restriction. Therefore, the DRM agent does not allow access to the DRM contents after the total time specified by the Interval limit value has expired.

In the element format Duration, for example, P2Y10M15DT10H30M20S means a duration of 2 years, 10 months, 15 days, 10 hours, 30 minutes and 20 seconds.

The total limit 630 defines the maximum measured time during which the right can be exercised in relation to the contents of the DRM. The DRM agent does not allow access to DRM content after the total time specified by the Total limit value has expired.

Individual restriction 640 defines the person to whom the contents of DRM are attached. In other words, an Individual Constraint 640 defines a person using the face URI. Accordingly, if the user identity of the device is not identical to the person who is allowed to use the DRM content, the DRM agent does not allow access to the DRM content.

System Restriction 650 defines a DRM system or content protection framework into which content and rights can be exported. The Version element indicates version information of the DRM system or content protection structure. The UID element indicates the name of the DRM system or content protection structure.

7 is a view illustrating an authentication procedure in an exemplary embodiment of the present invention.

и зашифрованное случайное число

устройству 710. В другом примерном варианте осуществления настоящего изобретения, и устройство 710, и secure MMC 720 могут издавать команды. Например, secure MMC 720 может посылать устройству 710 отклик аутентификации совместно с сертификатом

и зашифрованным случайным числом

. Подробное описание процедуры аутентификации будет изложено ниже.Authentication is a procedure in which device 710 and secure MMC 720 authenticate each other and exchange random numbers to generate a session key. A session key can be generated using a random number obtained during authentication. In Fig. 7, the descriptions above the arrows refer to a command requesting another device to perform some action, and the descriptions below the arrows refer to the parameters necessary for executing the command or transmitting data. In an exemplary embodiment of the present invention, device 710 issues all the commands for authentication, and secure MMC 720 performs the actions necessary to execute the command. For example, device 710 may send a secure MMC 720 command, such as an authentication response. Then, in response to an authentication response, secure MMC 720 sends a certificate

and encrypted random number

device 710. In another exemplary embodiment of the present invention, both device 710 and secure MMC 720 may issue commands. For example, secure MMC 720 may send an authentication response along with a certificate to device 710

and encrypted random number

. A detailed description of the authentication procedure will be described below.

устройства. Например, открытый ключ

устройства можно послать посредством посылки сертификата, выпущенного центром сертификации для устройства 710. Сертификат устройства

подписан цифровой подписью центра сертификации и содержит ID устройства и открытый ключ

устройства. Основываясь на сертификате

устройства, secure MMC 720 может аутентифицировать устройство 710 и получить открытый ключ устройства.In step S10, device 710 sends an authentication request to secure MMC 720. When authentication is requested, device 710 sends a secure MMC public key

devices. For example, a public key

devices can be sent by sending a certificate issued by a certification authority for device 710. Device certificate

digitally signed by a certification authority and contains the device ID and public key

devices. Based on certificate

devices, secure MMC 720 can authenticate device 710 and obtain the public key of the device.

устройства, используя список отозванных сертификатов (CRL). Если сертификат

устройства зарегистрирован в CRL, secure MMC 720 может отклонить аутентификацию устройства 710. Если сертификат

устройства не зарегистрирован в CRL, secure MMC 720 получает открытый ключ

устройства, используя сертификат

устройства.In step S20, secure MMC 720 checks if the certificate is valid

devices using the certificate revocation list (CRL). If the certificate

device registered to the CRL, secure MMC 720 may reject device authentication 710. If the certificate

device is not registered in CRL, secure MMC 720 receives public key

devices using certificate

devices.

. В действии S40 случайное число

шифруется, используя открытый ключ

устройства. В действии S50 выполняется процедура отклика аутентификации путем посылки отклика аутентификации от устройства 710 secure MMC 720 или от secure MMC 720 устройству 710. Во время процедуры отклика аутентификации secure MMC 720 посылает открытый ключ

secure MMC и зашифрованное случайное число

устройству 710. По примерному варианту осуществления настоящего изобретения вместо открытого ключа

secure MMC устройству 710 можно послать сертификат

secure MMC. По другому примерному варианту осуществления настоящего изобретения secure MMC 720 может послать устройству 710 свою цифровую подпись

вместе с зашифрованным случайным числом

и сертификатом

secure MMC.In action S30, the secure MMC 720 generates a random number

. In action S40, a random number

encrypted using public key

devices. In step S50, an authentication response procedure is performed by sending an authentication response from the secure MMC 720 device 710 or from the secure MMC 720 to the device 710. During the authentication response procedure, the secure MMC 720 sends the public key

secure MMC and encrypted random number

device 710. In an exemplary embodiment of the present invention, instead of a public key

secure MMC device 710 can send a certificate

secure MMC. In another exemplary embodiment of the present invention, secure MMC 720 may send its digital signature to device 710

along with an encrypted random number

and certificate

secure MMC.

и зашифрованное случайное число

, аутентифицирует secure MMC 720 путем проверки сертификата

secure MMC, получает открытый ключ

secure MMC и получает случайное число

путем расшифровывания зашифрованного случайного числа

, используя открытый ключ

устройства. В действии S70, устройство 710 генерирует случайное число

. В действии S80 случайное число

зашифровывается, используя открытый ключ

secure MMC 720. После этого выполняется процедура окончания аутентификации (S90), где устройство 710 посылает secure MMC 720 зашифрованное случайное число

. По примерному варианту осуществления настоящего изобретения устройство 710 может посылать secure MMC 720 совместно с зашифрованным случайным числом

свою цифровую подпись

.In step S60, device 710 receives a certificate

and encrypted random number

authenticates secure MMC 720 by verifying certificate

secure MMC, get the public key

secure MMC and get a random number

by decrypting an encrypted random number

using public key

devices. In step S70, the device 710 generates a random number

. In action S80 random number

encrypted using the public key

secure MMC 720. After this, the authentication end procedure is performed (S90), where the device 710 sends the secure MMC 720 an encrypted random number

. In an exemplary embodiment of the present invention, device 710 may send secure MMC 720 together with an encrypted random number

your digital signature

.

. Как результат, устройство 710 и secure MMC 720 снабжены случайными числами, сгенерированными друг другом. Здесь, так как и устройство 710 и secure MMC 720 генерируют свои собственные случайные числа и используют случайные числа друг друга, случайность может значительно увеличиться, и возможна безопасная взаимная аутентификация. Другими словами, даже если одно из устройства 710 и secure MMC 720 имело слабую случайность, другое может дополнить случайность.In action, the S100 secure MMC 720 receives and decrypts an encrypted random number

. As a result, device 710 and secure MMC 720 are provided with random numbers generated by each other. Here, since both the device 710 and the secure MMC 720 generate their own random numbers and use each other's random numbers, randomness can increase significantly, and secure mutual authentication is possible. In other words, even if one of the device 710 and secure MMC 720 had a weak randomness, the other could complement the randomness.

In steps S110 and S120, the device 710 and secure MMC 720, which share each other's random numbers, generate their session keys and hash keys using both of their two random numbers. To generate a session key and a hash key using two random numbers, you can use the public algorithm. The simplest algorithm is to perform an exclusive OR operation with these two random numbers. After the session keys and hash keys are generated, various actions protected by DRM can be performed between device 710 and secure MMC 720.

FIG. 8 is a flowchart of a protocol by which device 710 obtains information regarding a given rights object from secure MMC 720 according to an exemplary embodiment of the present invention.

Before the device 710 asks the secure MMC 720 for information on the specified RO, in step S200, authentication is performed between the device 710 and the secure MMC 720. In steps S210 and S220, the device 710 and the secure MMC 720 each generate a session key to perform encryption and decryption during communication between the device 710 and the secure MMC 720, and a hash key for the hash algorithm, which creates a value indicating whether the information delivered from the secure MMC 720 has been modified.

In step S300, device 710 requests information from the secure MMC 720 regarding a predetermined RO. Here, to specify the RO for which information is to be obtained, the device 710 may send a content ID or an RO ID. When the device 710 has a parent RO, the ID of the RO includes the ID of the parent RO to obtain information regarding the child RO corresponding to the parent RO.

Here, the parent RO and child RO are in a relationship in which one RO is defined by inheriting permissions and restrictions from another RO. The parent RO defines permissions and restrictions for DRM content, and the child RO inherits them. The child RO refers to the content. However, the parent RO itself does not directly refer to the content, but refers to the child RO. When access to the content is allowed in accordance with the permission information regarding the child or parent RO, the DRM agent takes into account the restriction on access permission and all the top-level restrictions on the parent and child RO. As a result, a rights publisher can support a subscription business model.

Alternatively, you can include the RO ID, information about which should be obtained.

The RO-determining information may be sent when the device 710 requests information in step S300, or may be sent by a special command before the device 710 requests information. A special command will be described later with reference to FIG. 11.

In response to a request from device 710, secure MMC 720 retrieves and processes information regarding the RO corresponding to the content ID or RO ID received from device 710 in step S310, and sends processed information about the RO to device 710 in step S320.

In an exemplary embodiment of the present invention, the processed RO information selectively includes schematic information regarding legal information represented by the RO among the information elements included in the RO. For example, the processed information may include a content-compliant ID, a hash value indicating whether the content has been changed, and permission information. However, the processed information regarding the RO does not include the CEK used to decrypt the encrypted content, since the device 710 requests information regarding the RO to check whether the secure MMC 720 contains the right to use the user-required content and determine the right contained in the secure MMC 720.

In another exemplary embodiment of the present invention, the processing of information regarding the RO may include converting the data format to the data format supported by the device 710 when the data format supported by the secure MMC 720 is not supported by the device 710.

One or more ROs may correspond to specific content, and therefore two or more types of permission information may be included in the information regarding the RO.

In an exemplary embodiment of the present invention, since the information regarding the RO transmitted to the device 710 does not contain CEK, encryption of the information using the session key created during the authentication process between the device 710 and the secure MMC 720 is not required. The information regarding the RO may include a hash value in order to allow the device 710 to determine if it has been changed. The hash value can be created using the hash key generated during authentication and a well-known hash algorithm, for example, SHA1.

The device 710 recognizes the current RO ownership state required to use the specific content through a procedure for obtaining information regarding the RO and requests for the right to play, display, execute, print or export specific content from the secure MMC 720 in accordance with the RO contained on the secure MMC 720 When secure MMC 720 contains an RO corresponding to the requested permission, secure MMC 720 encrypts the CEK using a session key and transmits the encrypted CEK to device 710 in order to allow decryption device 710 Encrypted specific content.

In Fig.9. shows a block diagram of a protocol by which device 710 obtains information regarding all available rights objects from secure MMC 720 according to an exemplary embodiment of the present invention.

The user of the device 710 can identify the ROs stored in the secure MMC 720 to then use the stored content, or export, or copy the content to another device in accordance with the identified ROs.

Before the device 710 requests information from the secure MMC 720 regarding all available ROs, authentication is performed between the device 710 and the secure MMC 720 in step S400. In operations S410 and S420, the device 710 and secure MMC 720 each generate a session key for encryption and decryption and a hash key.

Regardless of the content used, in step S500, the device 710 requests information from the secure MMC 720 about all available ROs. Then, secure MMC 720 retrieves all available ROs stored in it, processes information regarding them in step S510, and sends the processed information to the device in step S520.

In an exemplary embodiment of the present invention, the processed information includes information about all available ROs stored in secure MMC 720. For example, the processed information may include an ID of each RO, a content ID managed by each RO, and a number of content IDs. However, the processed information does not include the CEK used to decrypt the encrypted content, since the device 710 requests information about all available ROs to determine the rights to the contents contained in the secure MMC 720.

In another exemplary embodiment of the present invention, processing information on all available ROs may include converting the data format to the data format supported by the device 710 when the data format supported by the secure MMC 720 is not supported by the device 710.

All available ROs stored on the secure MMC 720 can be two or more. In an exemplary embodiment of the present invention, when two or more available ROs are stored in secure MMC 720, templates individually storing information regarding the RO can be combined into a single list and transmitted to device 710 at a time.

After receiving information regarding all available ROs, the device 710 can control the RO by removing unnecessary rights, acquiring the necessary rights, and moving some rights to another device.

In an exemplary embodiment of the present invention, since the information regarding all available ROs transmitted to the device 710 does not contain CEK, encryption of the information using the session key created during the authentication process between the device 710 and the secure MMC 720 is not required. The information regarding the RO may include a hash value in order to allow the device 710 to determine if it has been changed. The hash value can be created using the hash key generated during authentication and a well-known hash algorithm, for example, SHA1.

10 is a flowchart of a protocol for removing an RO specified by a device 710 with secure MMC 720 in an exemplary embodiment of the present invention.

Before requesting from the device 710 to remove the specified RO from the secure MMC 720 in step S600, authentication is performed between the device 710 and the secure MMC 720. In steps S610 and S620, the device 710 and the secure MMC 720 each generate a session key to perform encryption and decryption during data exchange between the device 710 and the secure MMC, and a hash key for the hash algorithm, which creates a value indicating whether the information delivered from the secure MMC has been changed.

To request the deletion of a given RO, device 710 must know if a given RO exists. In order to find out about the existence / non-existence of a given RO in steps S700 through S720, the device 710 obtains information regarding the specified RO to be deleted using the protocol shown in FIG.

In step S730, the device 710 encrypts the ID of the RO to be deleted and the send sequence counter (SSC) indicating the sequence of transmissions in the current protocol using the session key to request the removal of the RO. The SSC is a value increasing when the command packet is transmitted by the device 710 to determine if the command packet was lost or tampered with by an illegal attacker during transmission. In step S740, in response to the request to delete the RO, secure MMC 720 decrypts using the session key, the encrypted RO ID transmitted by device 710, and removes the RO corresponding to the RO ID.

In another exemplary embodiment of the present invention, device 710 may send the ID of two or more ROs to be removed. In detail, the device 710 generates and encrypts an RO ID list and transmits an encrypted list. Once the list is received, secure MMC 720 decrypts it and removes the ROs corresponding to the RO IDs in the list. Here you need to remove multiple ROs.

In yet another exemplary embodiment of the present invention, instead of transmitting the IDs of the ROs to be deleted, conditions for the ROs to be deleted can be defined and transmitted. What is needed is an action in which the secure MMC 720 retrieves the ROs that satisfy the conditions and removes them. Accordingly, the operations of S700 to S720 shown in FIG. 10 for obtaining information regarding ROs stored in secure MMC 720 are not necessary since even if device 710 does not know information regarding ROs stored in secure MMC 720, device 710 can send secure MMC 720 a request to delete an RO that does not have Copy or Execution rights. Conditions may relate to rights such as Reading, Copying, Moving, Conclusion, or Execution. The conditions may be to delete an unauthorized RO based on the current time, or to remove an RO for content that does not exist on the device 710 or secure MMC 720. Then, secure MMC 720 retrieves the ROs that satisfy the conditions and deletes them.

Removing an RO can mean deleting an RO from a device, and also mean marking an RO as being deleted at any time because the RO cannot be used. When an RO deletion is performed in the secure MMC for each request, the deletion time and processing time may increase. Accordingly, it is possible to change the information regarding the RO, and then, only when the amount of memory in the secure MMC becomes insufficient, can the unnecessary ROs be deleted. In other words, the RO can be stored in the block where the unnecessary RO is stored.

Thus, in exemplary embodiments of the present invention, the deletion includes (1) a method for completely destroying an RO from a portable data storage device, and (2) a method for changing specific RO information, for example, the resource field 'id' value shown in Figure 5, information indicating that this RO is unsuitable for use, and subsequently removal of the RO. An RO marked as unusable is completely destroyed from the secure MMC when there is insufficient memory or when an external delete request is received.

In FIG. 11 through 15 show examples illustrating command formats, command parameters, and output responses that are used when the device transmits information to the secure MMC regarding content requested by the user according to the protocol shown in FIG. 8 in an exemplary embodiment of the present invention.

This shows the SET_CO_INFO command, mainly consisting of a header field and a data field (1100). The header field contains information identifying the command, and the data field contains information regarding the command. Field P1 (1120) in the header field contains a value indicating the SET_CO_INFO command. The T-field in the data field (1120) is a feature field containing a feature value indicating the SET_CO_INFO command. The L-field in the data field (1120) contains a value indicating the length of the V-field in the data field. The V field contains the content ID value. The V field may contain an RO ID value.

The SET_CO_INFO command simply passes the content ID to the secure MMC, and therefore the output response (output response) (1140) to this command has no meaning in its T-, L- and V-fields. The status word in the response at the output (1140) includes information about the result of the SET_CO_INFO command. The status word is represented by a combination of SW1 and SW2, meaning one of: “successful execution of the command”, “unknown sign”, “invalid parameter in the V-field”, “general authentication required”, “authentication required”, “verification failure” and “ number of attempts ", as shown in Fig.

In FIG. 16 through 20 show examples illustrating command formats, command parameters, and output responses that are used when a device requests information regarding an RO corresponding to secure MMC content using the protocol shown in FIG. 8 in an exemplary embodiment of the present invention.

This shows the GET_RO_INFO 1200 command, which has a similar format to the SET_CO_INFO command.

Field P1 in the header field (1220) contains a value indicating the GET_RO_INFO command. The GET_RO_INFO command requests the secure MMC to transmit information regarding the RO corresponding to the contents specified by the SET_CO_INFO command, and therefore the data field (1220) included in the GET_RO_INFO command has no meaning.

In response to output 1240, the data field contains information regarding the RO, and the status word reports the result of the GET_RO_INFO command. The T-field in the data field is a feature field having a feature value indicating a response to the GET_MOVE_RO command. The L field contains a value indicating the length of the V field. The V field contains the encrypted RO value. The information regarding the RO in the V-field may be a combination of information regarding the resolution for the RO and a hash value indicating whether the information regarding the resolution for the RO has been changed. Resolution information for an RO will be described in detail with reference to FIG. from 21 to 23.

The status word is represented by a combination of SW1 and SW2, meaning one of: “successful execution of the command”, “unknown sign”, “incorrect parameter in the V-field”, “general authentication required”, “authentication required”.

21 is an example illustrating a format of information regarding an RO (hereinafter referred to as RO information) provided by a secure MMC according to the protocol shown in FIG.

The RO information essentially includes basic information for identifying the RO and permission information for the RO. This data format is known as the current resolution state format (CPSF). As described above, CEK is excluded from the permission information. The permission status format defines all permission types requested for the RO and basic information regarding the RO. In an exemplary embodiment of the present invention, instead of sending the RO directly, a CPSF is sent, thereby reducing the transmission of redundant data between the device and the secure MMC.

With reference to FIG. 21 to 23, in an exemplary embodiment of the present invention, the CPSF includes a content ID field 1310, 1410 or 1510, a message profile index field 1330, 1430 or 1530 + message profile values, and a permission information field 1340, 1440 or 1540.

In the content ID field 1310, 1410 or 1510 to identify the specific content, a content ID is set that can be used with the RO.

The message profile index + message profile value field 1330, 1430 or 1530 sets the message profile value to protect the integrity of the transmitted data. A message profile value can be generated using a published hash algorithm (e.g. SHA1).

In the permission information field 1340, 1440, or 1540, permission information held by the RO is set.

CPSF content may vary with type RO. In exemplary embodiments of the present invention, the RO types are divided into common RO types, child RO types, and parent RO types. Type1 means common RO, Type2 means child RO. Type3 means parent RO.

Generic ROs are ROs that do not have a relationship with the subscription model (or subscription business model) described in the Digital Rights Management Expression Language (REL) of the Open Mobile Alliance (OMA DRM) version 2.0.

Corresponding to the subscription model described in OMA DRM v2.0 REL, RO can be divided into child ROs and parent ROs. Child ROs include CEK, which is the right to use encrypted content. The parent RO contains a permission element and a restriction for the permission element. Other details of the child and parent ROs are described in OMA DRM v2.0 REL. Details on OMA DRM are available at http://www.openmobilealliance.org/.

FIG. 21 shows a CPSF structure of a common RO according to an exemplary embodiment of the present invention.

The CPSF of the common RO may contain at least one permission information field 1340 that contains subfields: type field 1341, RO index field 1342, resource index field 1343, permission index field 1344, restriction number field 1345, and restriction information field 1346.

Type field 1341 contains information for determining the type of RO. RO types are shown in the Table.

RO type Identification Information (1 byte) Total RO 0x01 Subsidiary RO 0x02 Parent RO 0x03

The RO index field 1342 and the resource index field 1343 comprise, respectively, an internal RO ID and an internal resource ID in the secure MMC. The internal RO IDs and resource IDs, respectively, can be used to identify the ROs and resources stored in the secure MMC.

The permission index field 1344 contains identification information for determining the type of permission. Resolution types have been described with reference to FIG. 5.

The restriction number field 1345 contains the number of restriction information fields 1346. Each restriction information field 1346 contains a restriction index field 1347 indicating the type of restriction, and a restriction field 1348 indicating the content of the restriction. The types of restriction have been described with reference to FIG. 6.

FIG. 22 shows a CPSF structure of a child RO of an exemplary embodiment of the present invention.

Since only one child RO can be used for specific content, the CPSF contains only one permission information field.

The values set respectively in the content ID field 1410 and the message profile index field 1430 + message profile values have been described above.

The permission information field 1440 contains subfields: a type field 1441, a parent RO ID field 1442, and a publisher of a child RO unified resource locator (URL) field 1443.

Type field 1441 contains identification information for determining the type of rights object and has a value of "0x02". Field 1442 ID of the parent RO contains identification information for determining the parent rights object. The child publisher publisher URL field 1443 contains the publisher URL of the child RO.

FIG. 23 shows a structure of a CPSF of a parent RO according to an exemplary embodiment of the present invention.

The content ID field 1510 has been described above. However, the parent RO, satisfying the subscription model described in OMA DRM v2.0 REL, does not contain the CEK and the message profile value, and therefore, the profile value + message profile message field 1530 can be set to zero.

Since there is only one parent RO that allows the use of specific DRM content, the CPSF contains only one resolution information field 1540.

The permission information field 1540 contains subfields: a type field 1541, a parent RO ID field 1542, a permission index field 1543, a restriction number field 1544, and a restriction information field 1545. Type field 1541 contains identification information for determining the type of rights object and has a value of "0x03".

Field 1542 ID of the parent RO contains identification information for determining the parent rights object.

The permission index field 1543, the restriction number field 1544, and the restriction information field 1545 contain the same types of information as the permission index field 1344, the restriction number field 1345, and the restriction information field 1346 shown in FIG.

Meanwhile, a secure MMC may include both a common RO and a child RO allowing playback of specific content, or both a common RO and a parent RO allowing playback of specific content.

In FIG. 24 through 28 show examples illustrating command formats, command parameters, and output responses that are used when the device requests information about all available ROs according to the protocol shown in FIG. 9 of an exemplary embodiment of the present invention.

Here is the GET_RO_LIST command, consisting of a header field and a data field (1600). The header field contains information identifying the command, and the data field contains information regarding the command. Field P1 in the header field contains a value that identifies the GET_RO_LIST command. The GET_RO_LIST command requests the transfer of the list information of all available ROs stored in the secure MMC, and therefore the data field (1620) of the GET_RO_LIST command contains no values.

The data field in the output response (1640) contains information regarding the RO and a status word informing about the result of the command. The T-field in the data field is a feature field having a feature value, meaning that the output response (1640) is a response to the GET_RO_LIST command. The L-field in the data field has a value indicating the length of the V-field in the data field. The V field contains list information of all available ROs.

The status word is represented by a combination of SW1 and SW2, meaning one of: “successful execution of the command”, “unknown sign”, “invalid parameter in the V-field”, “general authentication required”, “authentication required”, as shown in Fig. 28 .

In FIG. 29 through 33 show examples illustrating command formats, command parameters, and output responses that are used when a device requests a secure MMC to remove a single RO according to the protocol shown in FIG. 10 of an exemplary embodiment of the present invention.

Here is the SET_DELETE_RO command containing a CLA field and an INS field that indicate a group of commands. Accordingly, commands related to deletion have the same value in the CLA and INS fields. The various deletion related commands are distinguished from one another by the fields P1 and P2. The command data field contains the encrypted ID of the RO to be deleted. The data field contains a feature field (T), a length field (L), and a value field (V). The T-field contains the category of the command, the L-field contains the length of the data contained in the V-field. The V field contains the encrypted ID of the RO to be deleted.

In the response at the output sent from the secure MMC that received the SET_DELETE_RO command, the status word is represented by the values SW1 and SW2 to indicate whether the deletion was successful, whether the data contained in the T-field was incorrect, whether there were errors in the V-field, and was required whether authentication.

INDUSTRIAL APPLICABILITY

According to an exemplary embodiment of the present invention, the device requests information regarding the RO from the portable data storage device, receives information regarding the RO from the portable data storage device, and removes unnecessary ROs, thereby easily and efficiently managing the RO.

To conclude the detailed description, it will be understood by those skilled in the art that many variations and modifications of exemplary embodiments can be made without substantially departing from the principles of the present invention. Therefore, the disclosed exemplary embodiments of the present invention are used only in a general and illustrative sense, and not for purposes of limitation.

Claims (55)

1. A method of obtaining information regarding an object of digital rights, comprising the steps of:
receive a request from the device for data about the object of rights;
get access to the rights object corresponding to one of the identifier of the content and the identifier of the object of rights, which is provided by the said device in response to the said request,
extracting and processing data on the object of rights to which access is obtained to generate data on the object of rights, which includes information regarding legal information provided by the object of rights, and
provide the device with said processed rights object data. 2. The method according to claim 1, in which, in addition to said data extraction and processing, authentication is performed with said device and an encryption key is generated. 3. The method of claim 2, wherein the encryption key comprises a session key and a hash key. 4. The method according to claim 1, wherein said processed data includes information contained in an object of rights. 5. The method according to claim 1 or 4, in which the processed data contains a content identifier, information indicating whether the content has been changed, permission information, and information about whether other information has been changed. 6. The method according to claim 5, in which the information indicating whether other information has been changed, contains information indicating the transmission sequence of said request from said device. 7. The method according to claim 5, wherein the permission information comprises at least two types of permission information. 8. The method according to claim 1, in which the processed data is converted into a format supported by said device. 9. A method of obtaining information regarding an object of digital rights, comprising the steps of:
perform authentication with a portable data storage device and generate an encryption key; requesting data about the rights object from the portable data storage device;
get access to the rights object corresponding to one of the content identifier and the identifier of the rights object, which is provided by the said device in response to the said request;
extracting and processing data on the object of rights to which access is obtained to generate data on the objects of rights, which include information regarding legal information provided by the object of rights, and
receive processed rights object data from a portable data storage device. 10. The method of claim 9, wherein the encryption key comprises a session key and a hash key. 11. The method according to claim 9, further comprising the step of converting the processed data into a data format supported by said device. 12. The method according to claim 9, which further includes checking the processed data for change. 13. The method according to claim 9, in which the processed data contains information from the rights object. 14. The method according to claim 9 or 13, in which the processed data contains a content identifier, information about whether the content has been changed, permission information, and information indicating whether other information has been changed. 15. The method of claim 14, wherein the information indicating whether other information has been changed comprises information indicating a transmission sequence from said request from the device. 16. A method of obtaining information regarding an object of digital rights, comprising the steps of:
receive a request from the device for data on all available rights objects;
get access to all available rights objects in response to the aforementioned request;
extracting and processing data on all available rights objects that have been accessed to generate data on rights objects, which include information regarding legal information provided by rights objects, and
provide said device with said processed data about all available rights objects. 17. The method according to clause 16, in which, before processing the data, authenticate with said device and generate an encryption key. 18. The method of claim 17, wherein the encryption key comprises a session key and a hash key. 19. The method according to clause 16, in which the processed data includes information contained in the object of rights. 20. The method according to clause 16 or 19, in which the processed data contains the identifier of the rights object, the identifier of the content, information indicating whether the content has been changed, permission information and information indicating whether other information has been changed. 21. The method according to claim 20, in which the information indicating whether other information has been changed, contains information indicating a transmission sequence of said request from said device. 22. The method according to clause 16, in which the processed data is converted into a format supported by said device. 23. The method according to claim 19, in which the permission information contains at least two types of permission information. 24. A method of obtaining information regarding an object of digital rights, comprising the steps of:
perform authentication with a portable data storage device and generate an encryption key; request data about all available rights objects from a portable data storage device; accessing the portable storage device in response to said request; extract and process data on all available rights objects that are accessed to generate data on rights objects, which include information on legal information provided by rights objects, and receive processed data on all available rights objects from a portable data storage device. 25. The method according to paragraph 24, in which the encryption key contains a session key and a hash key. 26. The method according to paragraph 24, which further converts the processed data into a data format supported by said device. 27. The method according to paragraph 24, which further includes checking the processed data for change. 28. The method according to paragraph 24, in which the processed data contains information included in the rights object. 29. The method according to paragraph 24 or 28, in which the processed data contains the identifier of the rights object, the identifier of the content, information indicating whether the content has been changed, permission information and information indicating whether other information has been changed. 30. The method according to clause 29, in which the information indicating whether other information has been changed, contains information indicating the transmission sequence of the request from said device. 31. A method of deleting an object of digital rights, comprising the steps of:
receive information regarding the object of rights, which is subject to deletion from a portable data storage device; selecting information regarding the rights object to be deleted;
encrypting the selected information regarding the rights object using the public encryption key to create encrypted information;
embed encrypted information regarding the rights object in a signal for transmission to a portable data storage device, and transmit the said signal to a portable data storage device. 32. The method according to p, in which additionally, before selecting information, authenticate with a portable data storage device using a public key scheme and generating a common encryption key. 33. The method according to p, in which the selected information regarding the rights object is the identifier of the rights object. 34. The method according to p, in which the selected information regarding the object of rights is information about the suitability for use of the object of rights. 35. A method of deleting an object of digital rights, comprising the steps of:
provide the device with information regarding the rights object; receive encrypted information about the removal of the rights object from the device; decrypt the encrypted information about the removal of the rights object, using a common encryption key to generate decrypted information about the removal of the rights object; get access to the rights object corresponding to the decrypted information about deleting the rights object, and delete the rights object to which they have access. 36. The method according to clause 35, in which, before receiving encrypted information about the removal of the rights object, authenticate with said device and generate an encryption key. 37. The method according to clause 35, in which the encrypted information about the removal of the rights object contains the identifier of the rights object. 38. The method according to clause 35, in which the encrypted information about the removal of the rights object contains information about the suitability of the rights object to use. 39. The method according to clause 35, in which the removal of the object of rights includes the complete destruction of the object of rights. 40. The method according to clause 35, in which the removal of the rights object includes changing the predefined information of the rights object to mark it as unnecessary. 41. The method according to p, in which the object of rights, marked as unnecessary, is completely destroyed when there is not enough storage space. 42. The method according to p, in which the rights object, marked as unnecessary, is completely destroyed in response to an external request. 43. A portable data storage device comprising: a data storage module that stores a rights object for content; an interface module that receives a request from a device for a rights object; digital rights management agent (DRM), which gets access to the rights object in response to the aforementioned request, extracts and processes data about the rights object, which is accessed to generate data on the rights objects, which include information regarding legal information provided by the objects right, and provides processed data to said device through an interface module. 44. A device for managing information regarding digital rights objects, comprising an interface module connected to a portable data storage device with the possibility of data transfer; a public key encryption module that authenticates with a portable data storage device connected via an interface module;
an encryption key generation module that generates a session key and a hash key that are used in conjunction with the portable data storage device, and a digital rights management agent (DRM), which requests data from the portable data storage device about the rights object and receives processed data about the rights object from portable storage device. 45. A device for managing information on digital rights objects, comprising a digital rights management agent (DRM), which selects information on the rights object to be deleted and embeds the selected information on the rights object in a signal for transmission to a portable data storage device; an encryption module that encrypts the selected information regarding the rights object using a common encryption key to create encrypted information on the rights object, and an interface module that transmits a signal having encrypted information on the rights object to the portable information storage device. 46. The device according to item 45, in which the selected information regarding the rights object includes an identifier of the rights object. 47. The device according to item 45, in which the selected information regarding the object of rights includes information about the suitability of the object of rights to use. 48. A portable data storage device comprising an interface module that receives encrypted information about the removal of an object of rights from a device; an encryption module that decrypts the encrypted information about the removal of the rights object using a common encryption key;
digital rights management agent (DRM), which gains access to the rights object corresponding to the decrypted information about the removal of the rights object and deletes it. 49. The portable data storage device according to claim 48, wherein the decrypted information about deleting the rights object includes an identifier of the rights object. 50. The portable data storage device according to claim 48, wherein the decrypted information about the removal of the rights object includes information about the suitability of the rights object to use. 51. The portable storage device according to claim 48, wherein the DRM agent deletes the rights object by completely destroying the rights object. 52. The portable storage device according to claim 48, wherein the DRM agent deletes the rights object by changing the predefined rights object information to mark it as unnecessary. 53. The portable data storage device according to paragraph 52, in which the rights object, marked as unnecessary, is completely destroyed when there is not enough storage space. 54. The portable data storage device according to paragraph 52, in which the rights object, marked as unnecessary, is completely destroyed in response to an external request. 55. A storage medium containing a computer-readable program for performing a method of obtaining information regarding an object of digital rights, the method comprising the following operations:
receive a request from the device for data about the rights object;
get access to the rights object corresponding to one of the content identifier and the identifier of the rights object, which is provided by the said device in response to the said request; extract and process data about the object of rights to which access is obtained to generate data on the objects of rights, which include information regarding legal information provided by the object of rights, and
provide said device with said processed data.

Images